在《asp.net core认证与授权》中讲解了固定和自定义角色授权系统权限，其实我们还可以通过其他方式来授权，比如可以通过角色组、用户名、生日等，但这些主要取决于ClaimTypes；其实我们也可以自定义键值来授权，这些统一叫策略授权。其中更强大的是，我们可以自定义授权Handler来达到灵活授权，下面一一展开。
注意：下面的代码只是部分代码，完整代码参照 https://github.com/axzxs2001/Asp.NetCoreExperiment/tree/master/Asp.NetCoreExperiment/%E6%9D%83%E9%99%90%E7%AE%A1%E7%90%86/PolicyPrivilegeManagement
首先看基于角色组、或用户名、或基于ClaimType、或自定义键值等授权策略。这些都是通过Services.AddAuthorization添加，并且是用AuthorizationOptions来AddPolicy。这里策略的名称统一用RequireClaim来命名，不同的请求的策略名称各不相同，如用户名时就用policy.RequireUserName()。同时，在登录时，验证成功后，要添加相应的Claim到ClaimsIdentity中：
Startup.cs
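/// <summary>
/// Registers MVC, the "RequireClaim" authorization policy and cookie authentication.
/// </summary>
/// <param name="services">Service collection supplied by the host.</param>
public void ConfigureServices(IServiceCollection services)
{
    services.AddMvc();
    services.AddAuthorization(options =>
    {
        // The alternatives below all register under the same policy name, so enable one at a time.

        // Role-based policy: the principal needs a role claim of "admin" or "system".
        options.AddPolicy("RequireClaim", policy => policy.RequireRole("admin", "system"));

        // User-name based. The check runs against the identity's name, which the sample login
        // fills from the display name; a display name is a weak authorization key unless it
        // is guaranteed to be unique.
        //options.AddPolicy("RequireClaim", policy => policy.RequireUserName("桂素伟"));

        // Based on a well-known ClaimType.
        //options.AddPolicy("RequireClaim", policy => policy.RequireClaim(ClaimTypes.Country, "中国"));

        // Based on a custom claim key/value pair.
        //options.AddPolicy("RequireClaim", policy => policy.RequireClaim("date", "2017-09-02"));
    })
    .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie(options =>
    {
        // Unauthenticated requests are sent to the login page, forbidden ones to /denied.
        options.LoginPath = new PathString("/login");
        options.AccessDeniedPath = new PathString("/denied");
    });
}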
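// HomeController.cs
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using PolicyPrivilegeManagement.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using System.Security.Claims;

namespace PolicyPrivilegeManagement.Controllers
{
    /// <summary>
    /// Home controller guarded by the "RequireClaim" policy; the login and denied
    /// actions opt out with [AllowAnonymous].
    /// </summary>
    [Authorize(Policy = "RequireClaim")]
    public class HomeController : Controller
    {
        public IActionResult Index()
        {
            return View();
        }

        public IActionResult About()
        {
            ViewData["Message"] = "Your application description page.";
            return View();
        }

        public IActionResult Contact()
        {
            ViewData["Message"] = "Your contact page.";
            return View();
        }

        public IActionResult Error()
        {
            return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
        }

        /// <summary>Shows the login form and remembers the requested return URL in TempData.</summary>
        [AllowAnonymous]
        [HttpGet("login")]
        public IActionResult Login(string returnUrl = null)
        {
            TempData["returnUrl"] = returnUrl;
            return View();
        }

        /// <summary>
        /// Checks the posted credentials, signs the user in with the claims the policies
        /// rely on, and redirects to the return URL or the home page.
        /// </summary>
        /// <param name="userName">Posted login name.</param>
        /// <param name="password">Posted password.</param>
        /// <param name="returnUrl">Optional URL to return to after sign-in.</param>
        [AllowAnonymous]
        [HttpPost("login")]
        public async Task<IActionResult> Login(string userName, string password, string returnUrl = null)
        {
            // Demo-only in-memory user list with plaintext passwords; a real application
            // would verify against a salted password hash held in a user store.
            var list = new List<dynamic>
            {
                new { UserName = "gsw", Password = "111111", Role = "admin", Name = "桂素伟", Country = "中国", Date = "2017-09-02", BirthDay = "1979-06-22" },
                new { UserName = "aaa", Password = "222222", Role = "system", Name = "测试A", Country = "美国", Date = "2017-09-03", BirthDay = "1999-06-22" }
            };

            var user = list.SingleOrDefault(s => s.UserName == userName && s.Password == password);
            if (user == null)
            {
                // One generic message for both failure causes, so the response does not
                // reveal whether the user name exists.
                const string badUserNameOrPasswordMessage = "用户名或密码错误";
                return BadRequest(badUserNameOrPasswordMessage);
            }

            // Claims that the authorization policies are evaluated against.
            var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
            identity.AddClaim(new Claim(ClaimTypes.Sid, userName));
            identity.AddClaim(new Claim(ClaimTypes.Name, user.Name));
            identity.AddClaim(new Claim(ClaimTypes.Role, user.Role));
            identity.AddClaim(new Claim(ClaimTypes.Country, user.Country));
            identity.AddClaim(new Claim("date", user.Date));

            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identity));

            if (returnUrl == null)
            {
                returnUrl = TempData["returnUrl"]?.ToString();
            }

            // returnUrl arrives from the query string or form, so it is untrusted: follow it
            // only when it points back into this application, otherwise the login page could
            // be used to bounce a freshly signed-in user to an arbitrary external site.
            if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
            {
                return LocalRedirect(returnUrl);
            }

            return RedirectToAction(nameof(HomeController.Index), "Home");
        }

        /// <summary>Signs the current user out of the cookie scheme.</summary>
        // NOTE(review): sign-out is exposed as a GET, so any cross-site link or image can
        // trigger it; a POST with antiforgery validation avoids that.
        [HttpGet("logout")]
        public async Task<IActionResult> Logout()
        {
            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
            return RedirectToAction("Index", "Home");
        }

        [AllowAnonymous]
        [HttpGet("denied")]
        public IActionResult Denied()
        {
            return View();
        }
    }
}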
上面的授权策略都相对简单、单一，使用场景也很有限，就和固定角色授权如出一辙。其实可以用更好的方式来利用授权，那就是自定义授权Handler。我们在《asp.net core认证与授权》一文中，是通过中间件来达到自定义角色的，现在我们换个思路，通过自定义授权Handler来实现。
首先定义一个UserPermission即用户权限实体类
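/// <summary>
/// User permission entry: pairs a user name with a request URL.
/// </summary>
public class UserPermission
{
    /// <summary>
    /// User name the entry applies to.
    /// </summary>
    public string UserName { get; set; }

    /// <summary>
    /// Request URL the entry applies to.
    /// </summary>
    public string Url { get; set; }
}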
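// Next, define PermissionRequirement, the requirement entity class.

/// <summary>
/// Requirement carrying the data the permission handler needs.
/// </summary>
public class PermissionRequirement : IAuthorizationRequirement
{
    /// <summary>
    /// User permission collection. The setter is private, but the list itself is
    /// mutable and shared by reference with whoever holds this requirement.
    /// </summary>
    public List<UserPermission> UserPermissions { get; private set; }

    /// <summary>
    /// Action (path) to send the user to when permission is denied.
    /// </summary>
    public string DeniedAction { get; set; }

    /// <summary>
    /// Creates the requirement.
    /// </summary>
    /// <param name="deniedAction">Action used when permission is denied.</param>
    /// <param name="userPermissions">User permission collection.</param>
    /// <exception cref="System.ArgumentNullException"><paramref name="userPermissions"/> is null.</exception>
    public PermissionRequirement(string deniedAction, List<UserPermission> userPermissions)
    {
        // A null list would otherwise only surface later, as a NullReferenceException
        // inside the authorization check of every request.
        if (userPermissions == null)
        {
            throw new System.ArgumentNullException(nameof(userPermissions));
        }

        DeniedAction = deniedAction;
        UserPermissions = userPermissions;
    }
}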
再定义自定义授权Handler，我们命名为PermissionHandler。此类必须继承AuthorizationHandler&lt;T&gt;，只用实现public virtual Task HandleAsync(AuthorizationHandlerContext context)（下面的代码实际重写的是HandleRequirementAsync）。此方法是用户请求时验证是否授权的主方法，所以实现与自定义角色中间件的Invoke很相似。
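using Microsoft.AspNetCore.Authorization;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;

namespace PolicyPrivilegeManagement.Models
{
    /// <summary>
    /// Authorization handler that decides per request URL and user name whether a
    /// <see cref="PermissionRequirement"/> is met.
    /// </summary>
    /// <remarks>
    /// The decision is default-allow: a path with no entry in the permission list is open to
    /// every authenticated user, and paths are compared as whole strings. Any alternative URL
    /// that routes to the same action (for example with a trailing slash or an extra route
    /// segment) is therefore not covered by an existing entry. Prefer default-deny, or key
    /// permissions on the resolved controller/action, outside a demo.
    /// </remarks>
    public class PermissionHandler : AuthorizationHandler<PermissionRequirement>
    {
        /// <summary>
        /// User permissions, re-pointed at the requirement's list on every request.
        /// </summary>
        // NOTE(review): the sample registers this handler as a singleton and other code adds
        // to this list at runtime; List<T> is not safe for concurrent reads and writes, so
        // guard it or swap in an immutable snapshot before using this beyond a demo.
        public List<UserPermission> UserPermissions { get; set; }

        /// <summary>
        /// Succeeds the requirement when the authenticated user may request the current path.
        /// </summary>
        /// <param name="context">Authorization context; its resource must be an MVC AuthorizationFilterContext.</param>
        /// <param name="requirement">Requirement holding the permission list and the denied path.</param>
        /// <returns>A completed task.</returns>
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
        {
            // Take the permission list from the requirement.
            UserPermissions = requirement.UserPermissions;

            // The HttpContext is reached through the MVC filter context. When the resource is
            // something else (for instance under endpoint routing in later ASP.NET Core
            // versions) the cast yields null; leave the requirement unmet (fail closed)
            // instead of throwing.
            var filterContext = context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext;
            if (filterContext == null)
            {
                return Task.CompletedTask;
            }

            var httpContext = filterContext.HttpContext;

            // Request path; compared case-insensitively with ordinal rules so the result does
            // not depend on the server's culture.
            var questUrl = httpContext.Request.Path.Value ?? string.Empty;

            // Unauthenticated requests are left unmet so the authentication scheme can challenge.
            var isAuthenticated = httpContext.User?.Identity?.IsAuthenticated == true;
            if (!isAuthenticated)
            {
                return Task.CompletedTask;
            }

            var permissions = UserPermissions;
            var urlIsListed = permissions.Any(p => string.Equals(p.Url, questUrl, StringComparison.OrdinalIgnoreCase));
            if (!urlIsListed)
            {
                // Default-allow branch: no entry exists for this path.
                context.Succeed(requirement);
                return Task.CompletedTask;
            }

            // The login action stores the login name in the Sid claim. A principal without
            // that claim is treated as not permitted rather than dereferenced.
            var userName = httpContext.User.FindFirst(ClaimTypes.Sid)?.Value;
            var granted = userName != null
                && permissions.Any(p => p.UserName == userName
                    && string.Equals(p.Url, questUrl, StringComparison.OrdinalIgnoreCase));

            if (granted)
            {
                context.Succeed(requirement);
            }
            else
            {
                // No permission: mark the failure explicitly and send the user to the denied
                // page configured on the requirement.
                context.Fail();
                var deniedPath = string.IsNullOrEmpty(requirement.DeniedAction) ? "/denied" : requirement.DeniedAction;
                httpContext.Response.Redirect(deniedPath);
            }

            return Task.CompletedTask;
        }
    }
}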
此次的Startup.cs的ConfigureServices发生了变化如下
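/// <summary>
/// Registers MVC, the "Permission" policy backed by <c>PermissionRequirement</c>,
/// cookie authentication and the <c>PermissionHandler</c> singleton.
/// </summary>
/// <param name="services">Service collection supplied by the host.</param>
public void ConfigureServices(IServiceCollection services)
{
    services.AddMvc();
    services.AddAuthorization(options =>
    {
        // Custom requirement; userPermission could be loaded from a database.
        // Only the paths listed here are restricted per user by PermissionHandler; every
        // other path is open to any authenticated user.
        var userPermission = new List<UserPermission>
        {
            new UserPermission { Url = "/", UserName = "gsw" },
            new UserPermission { Url = "/home/permissionadd", UserName = "gsw" },
            new UserPermission { Url = "/", UserName = "aaa" },
            new UserPermission { Url = "/home/contact", UserName = "aaa" }
        };

        options.AddPolicy("Permission", policy => policy.Requirements.Add(new PermissionRequirement("/denied", userPermission)));
    })
    .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie(options =>
    {
        options.LoginPath = new PathString("/login");
        options.AccessDeniedPath = new PathString("/denied");
    });

    // Register the authorization handler. It is a singleton, so the permission list it
    // exposes is shared by all requests for the lifetime of the process.
    services.AddSingleton<IAuthorizationHandler, PermissionHandler>();
}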
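// HomeController.cs (version used with the custom PermissionHandler)
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using PolicyPrivilegeManagement.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using System.Security.Claims;

namespace PolicyPrivilegeManagement.Controllers
{
    /// <summary>
    /// Home controller guarded by the "Permission" policy; also exposes the action that
    /// adds permission entries at runtime.
    /// </summary>
    [Authorize(Policy = "Permission")]
    public class HomeController : Controller
    {
        PermissionHandler _permissionHandler;

        /// <summary>
        /// Receives the registered authorization handler from dependency injection.
        /// </summary>
        /// <param name="permissionHandler">Expected to be the PermissionHandler singleton.</param>
        public HomeController(IAuthorizationHandler permissionHandler)
        {
            // NOTE(review): resolving a single IAuthorizationHandler presumably yields the last
            // registration; if another handler is registered later, the cast gives null.
            _permissionHandler = permissionHandler as PermissionHandler;
        }

        public IActionResult Index()
        {
            return View();
        }

        public IActionResult PermissionAdd()
        {
            return View();
        }

        /// <summary>
        /// Adds a permission entry to the handler's in-memory list.
        /// </summary>
        /// <param name="url">Request path the entry covers.</param>
        /// <param name="userName">Login name the entry grants access to.</param>
        // This route (/addpermission) has no entry in the seeded permission list, and
        // PermissionHandler lets any authenticated user through for unlisted paths, so without
        // a further check every signed-in user could grant permissions to any account,
        // including their own. The role restriction below limits it to the "admin" role claim
        // issued at login.
        // NOTE(review): the action also has no antiforgery validation, and the Add below is
        // not synchronized with the handler's reads of the same list.
        [Authorize(Roles = "admin")]
        [HttpPost("addpermission")]
        public IActionResult AddPermission(string url, string userName)
        {
            if (string.IsNullOrWhiteSpace(url) || string.IsNullOrWhiteSpace(userName))
            {
                return BadRequest();
            }

            var permissions = _permissionHandler?.UserPermissions;
            if (permissions == null)
            {
                // Handler not resolved as PermissionHandler, or its list is not populated.
                return StatusCode(500);
            }

            // Add the permission.
            permissions.Add(new UserPermission { Url = url, UserName = userName });
            return Content("添加成功");
        }

        public IActionResult Contact()
        {
            ViewData["Message"] = "Your contact page.";
            return View();
        }

        public IActionResult Error()
        {
            return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
        }

        /// <summary>Shows the login form and remembers the requested return URL in TempData.</summary>
        [AllowAnonymous]
        [HttpGet("login")]
        public IActionResult Login(string returnUrl = null)
        {
            TempData["returnUrl"] = returnUrl;
            return View();
        }

        /// <summary>
        /// Checks the posted credentials, signs the user in, and redirects to the return URL
        /// or the home page.
        /// </summary>
        /// <param name="userName">Posted login name.</param>
        /// <param name="password">Posted password.</param>
        /// <param name="returnUrl">Optional URL to return to after sign-in.</param>
        [AllowAnonymous]
        [HttpPost("login")]
        public async Task<IActionResult> Login(string userName, string password, string returnUrl = null)
        {
            // Demo-only in-memory user list with plaintext passwords; a real application
            // would verify against a salted password hash held in a user store.
            var list = new List<dynamic>
            {
                new { UserName = "gsw", Password = "111111", Role = "admin", Name = "桂素伟", Country = "中国", Date = "2017-09-02", BirthDay = "1979-06-22" },
                new { UserName = "aaa", Password = "222222", Role = "system", Name = "测试A", Country = "美国", Date = "2017-09-03", BirthDay = "1999-06-22" }
            };

            var user = list.SingleOrDefault(s => s.UserName == userName && s.Password == password);
            if (user == null)
            {
                const string badUserNameOrPasswordMessage = "用户名或密码错误";
                return BadRequest(badUserNameOrPasswordMessage);
            }

            // User identity: the Sid claim carries the login name that PermissionHandler matches on.
            var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
            identity.AddClaim(new Claim(ClaimTypes.Sid, userName));
            identity.AddClaim(new Claim(ClaimTypes.Name, user.Name));
            identity.AddClaim(new Claim(ClaimTypes.Role, user.Role));
            identity.AddClaim(new Claim(ClaimTypes.Country, user.Country));
            identity.AddClaim(new Claim("date", user.Date));

            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identity));

            if (returnUrl == null)
            {
                returnUrl = TempData["returnUrl"]?.ToString();
            }

            // returnUrl is untrusted input: follow it only when it points back into this
            // application, otherwise the login page could be used to bounce a freshly
            // signed-in user to an arbitrary external site.
            if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
            {
                return LocalRedirect(returnUrl);
            }

            return RedirectToAction(nameof(HomeController.Index), "Home");
        }

        /// <summary>Signs the current user out of the cookie scheme.</summary>
        // NOTE(review): sign-out is exposed as a GET, so any cross-site link or image can
        // trigger it; a POST with antiforgery validation avoids that.
        [HttpGet("logout")]
        public async Task<IActionResult> Logout()
        {
            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
            return RedirectToAction("Index", "Home");
        }

        [AllowAnonymous]
        [HttpGet("denied")]
        public IActionResult Denied()
        {
            return View();
        }
    }
}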
本例设计是：当用户gsw（密码111111）登录时，是不能访问/home/contact的，刚登录时访问该action是不成功的。这里我们在/home/addpermission中添加一个Action名称：/home/contact，用户名：gsw的信息，此时再访问/home/contact，会发现是可以访问的。这是因为我们热更新了PermissionHandler中的用户权限集合，用户的权限得到了扩展和变化。
其实用中间件能达到灵活权限的设置用自定义授权Handler也可以接下来比较一下两种做法的优劣
| | 中间件 | 自定义授权Handler |
| --- | --- | --- |
| 用户权限集合 | 静态对象 | 实体化对象 |
| 热更新时 | 用中间件名称.用户权限集合更新 | 因为在Startup.cs中PermissionHandler是依赖注入的，可以在热更新的构造中获取并操作 |
| 性能方面 | 每个action请求都会触发Invoke方法，标记[AllowAnonymous]特性的Action也会触发 | 只有标记[Authorize]特性的Action会触发该方法，标记[AllowAnonymous]特性的Action不会触发，性能更优化 |
原文地址：http://www.cnblogs.com/axzxs2001/p/7482777.html